2 matches found
CVE-2019-9883
Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. It allows attacker to elevate privilege of specific account via useradmin/cfnew.cgi?chief=group=fullname=testaccount=testemail=acl=Managementlang== without any authorizes...
CVE-2019-9883
CVE-2019-9883 describes a CSRF vulnerability in multiple modules of MailSherlock MSR35 and MSR45 that lets an attacker elevate privileges on a targeted account via a crafted request to useradmin/cf_new.cgi?chief=&wk_group=full&cf_name=test&cf_account=test&cf_email=&cf_acl=Management&apply_lang=&d...